From: "Joerg Roedel" <joerg.roedel-5C7GfCeVMHo@public.gmane.org>
To: "Avi Kivity" <avi-atKUWr5tajBWk0Htik3J/w@public.gmane.org>
Cc: kvm-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
Subject: [PATCH] SVM: forbid guest to execute monitor/mwait
Date: Wed, 21 Mar 2007 19:47:00 +0100 [thread overview]
Message-ID: <20070321184700.GA20139@amd.com> (raw)
[-- Attachment #1: Type: text/plain, Size: 427 bytes --]
From: Joerg Roedel <joerg.roedel-5C7GfCeVMHo@public.gmane.org>
This patch forbids the guest to execute monitor/mwait instructions on
SVM. This is necessary because the guest can execute these instructions
if they are available even if the kvm cpuid doesn't report its
existence.
Signed-off-by: Joerg Roedel <joerg.roedel-5C7GfCeVMHo@public.gmane.org>
--
Joerg Roedel
Operating System Research Center
AMD Saxony LLC & Co. KG
[-- Attachment #2: kvm-svm-monitor-disable.patch --]
[-- Type: text/plain, Size: 1430 bytes --]
diff --git a/drivers/kvm/svm.c b/drivers/kvm/svm.c
index d3cc115..68a2520 100644
--- a/drivers/kvm/svm.c
+++ b/drivers/kvm/svm.c
@@ -511,7 +511,9 @@ static void init_vmcb(struct vmcb *vmcb)
(1ULL << INTERCEPT_VMSAVE) |
(1ULL << INTERCEPT_STGI) |
(1ULL << INTERCEPT_CLGI) |
- (1ULL << INTERCEPT_SKINIT);
+ (1ULL << INTERCEPT_SKINIT) |
+ (1ULL << INTERCEPT_MONITOR) |
+ (1ULL << INTERCEPT_MWAIT);
control->iopm_base_pa = iopm_base;
control->msrpm_base_pa = msrpm_base;
@@ -1292,6 +1294,8 @@ static int (*svm_exit_handlers[])(struct kvm_vcpu *vcpu,
[SVM_EXIT_STGI] = invalid_op_interception,
[SVM_EXIT_CLGI] = invalid_op_interception,
[SVM_EXIT_SKINIT] = invalid_op_interception,
+ [SVM_EXIT_MONITOR] = invalid_op_interception,
+ [SVM_EXIT_MWAIT] = invalid_op_interception,
};
diff --git a/drivers/kvm/svm.h b/drivers/kvm/svm.h
index df731c3..5e93814 100644
--- a/drivers/kvm/svm.h
+++ b/drivers/kvm/svm.h
@@ -44,6 +44,9 @@ enum {
INTERCEPT_RDTSCP,
INTERCEPT_ICEBP,
INTERCEPT_WBINVD,
+ INTERCEPT_MONITOR,
+ INTERCEPT_MWAIT,
+ INTERCEPT_MWAIT_COND,
};
@@ -298,6 +301,9 @@ struct __attribute__ ((__packed__)) vmcb {
#define SVM_EXIT_RDTSCP 0x087
#define SVM_EXIT_ICEBP 0x088
#define SVM_EXIT_WBINVD 0x089
+#define SVM_EXIT_MONITOR 0x08a
+#define SVM_EXIT_MWAIT 0x08b
+#define SVM_EXIT_MWAIT_COND 0x08c
#define SVM_EXIT_NPF 0x400
#define SVM_EXIT_ERR -1
[-- Attachment #3: Type: text/plain, Size: 345 bytes --]
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys-and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
[-- Attachment #4: Type: text/plain, Size: 186 bytes --]
_______________________________________________
kvm-devel mailing list
kvm-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
https://lists.sourceforge.net/lists/listinfo/kvm-devel
next reply other threads:[~2007-03-21 18:47 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-03-21 18:47 Joerg Roedel [this message]
[not found] ` <20070321184700.GA20139-5C7GfCeVMHo@public.gmane.org>
2007-03-22 7:38 ` [PATCH] SVM: forbid guest to execute monitor/mwait Avi Kivity
[not found] ` <46023264.4010105-atKUWr5tajBWk0Htik3J/w@public.gmane.org>
2007-03-22 9:56 ` Joerg Roedel
[not found] ` <20070322095605.GB20139-5C7GfCeVMHo@public.gmane.org>
2007-03-22 10:06 ` Avi Kivity
[not found] ` <46025528.5010707-atKUWr5tajBWk0Htik3J/w@public.gmane.org>
2007-03-22 10:17 ` Joerg Roedel
[not found] ` <20070322101729.GC20139-5C7GfCeVMHo@public.gmane.org>
2007-03-22 10:42 ` Avi Kivity
[not found] ` <46025D94.8050606-atKUWr5tajBWk0Htik3J/w@public.gmane.org>
2007-03-22 11:07 ` Joerg Roedel
[not found] ` <20070322110733.GE20139-5C7GfCeVMHo@public.gmane.org>
2007-03-22 11:40 ` Avi Kivity
[not found] ` <46026B2A.2080501-atKUWr5tajBWk0Htik3J/w@public.gmane.org>
2007-03-22 11:56 ` Joerg Roedel
[not found] ` <20070322115602.GF20139-5C7GfCeVMHo@public.gmane.org>
2007-03-22 12:01 ` Avi Kivity
[not found] ` <4602700E.1030500-atKUWr5tajBWk0Htik3J/w@public.gmane.org>
2007-03-22 12:22 ` Joerg Roedel
[not found] ` <20070322122249.GG20139-5C7GfCeVMHo@public.gmane.org>
2007-03-22 12:33 ` Avi Kivity
[not found] ` <460277AE.9040403-atKUWr5tajBWk0Htik3J/w@public.gmane.org>
2007-03-22 12:46 ` Joerg Roedel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20070321184700.GA20139@amd.com \
--to=joerg.roedel-5c7gfcevmho@public.gmane.org \
--cc=avi-atKUWr5tajBWk0Htik3J/w@public.gmane.org \
--cc=kvm-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox